new software on the server, ..., almost done
Michael Hornung
hornung at cac.washington.edu
Fri Sep 7 18:27:48 EDT 2007
Here's where it gets me:
(gdb) run
Starting program: /usr/local/sbin/argus
ArgusWarning: argus[29876]: 07 Sep 07 15:19:15.920346 started
ArgusWarning: argus[29876]: 07 Sep 07 15:19:15.920527
ArgusGetInterfaceStatus: interface eth2 is up
ArgusInfo: argus[29876]: 07 Sep 07 15:19:18.541138 connect from
marathon.cac.washington.edu
Program received signal SIGSEGV, Segmentation fault.
0x4c13e663 in bcopy () from /lib/libc.so.6
(gdb) bt full
#0 0x4c13e663 in bcopy () from /lib/libc.so.6
No symbol table info available.
#1 0x0804ff55 in ArgusNewFlow (model=0x8fab008, flow=0x8fab3a8,
hstruct=0x8fab310, queue=0x8fab380) at ArgusModeler.c:1469
retn = (struct ArgusFlowStruct *) 0x9281420
timeout = 5
userlen = 0
#2 0x0804ef30 in ArgusProcessPacket (model=0x8fab008, p=0x8fac1ea "",
length=90, tvp=0xbfd68c70, type=0) at ArgusModeler.c:1072
retn = 0
tflow = (struct ArgusSystemFlow *) 0x8fab3a8
flow = (struct ArgusFlowStruct *) 0x0
nflow = (struct ArgusFlowStruct *) 0x9eb7b80
ptr = 0x8fac1ea ""
value = 0
#3 0x0805655b in ArgusEtherPacket (user=0xb7ed9008 "", h=0xbfd68c70,
p=0x8fac1ea "") at ArgusSource.c:683
ep = (struct ether_header *) 0x8fac1ea
ind = 0
src = (struct ArgusSourceStruct *) 0xb7ed9008
tvp = (struct timeval *) 0xbfd68c70
caplen = 90
length = 90
statbuf = {st_dev = 578110229122026696, __pad1 = 45768,
__st_ino = 3218508768, st_mode = 3218508904, st_nlink = 1275960740,
st_uid = 3086401536, st_gid = 1935745139, st_rdev = 5480000866624733183,
__pad2 = 41952, st_size = -4623353967097284856, st_blksize = 1275861536,
st_blocks = -5190746013132413544, st_atim = {tv_sec = 1, tv_nsec = 1},
st_mtim = {tv_sec = 0, tv_nsec = 4589194}, st_ctim = {tv_sec = 4583424,
tv_nsec = 164972}, st_ino = 20393674228473252}
#4 0x00464517 in pcap_open_live () from /usr/lib/libpcap.so.0.9.4
No symbol table info available.
#5 0x00464987 in pcap_dispatch () from /usr/lib/libpcap.so.0.9.4
No symbol table info available.
#6 0x080585c1 in ArgusGetPackets (src=0xb7ed9008) at ArgusSource.c:1730
ArgusReadMask = {__fds_bits = {128, 0 <repeats 31 times>}}
ArgusWriteMask = {__fds_bits = {0 <repeats 32 times>}}
ArgusExceptMask = {__fds_bits = {0 <repeats 32 times>}}
tmp = 1
i = 0
width = 7
noerror = 1
fd = 7
found = 1
up = 1
wait = {tv_sec = 0, tv_usec = 20000}
#7 0x0804b687 in main (argc=1, argv=0xbfd69084) at argus.c:567
commandlinew = 0
doconf = 0
dodebug = 0
i = 1
pid = 0
tmparg = 0x0
filter = 0x0
statbuf = {st_dev = 64768, __pad1 = 0, __st_ino = 36308349,
st_mode = 33188, st_nlink = 1, st_uid = 0, st_gid = 0, st_rdev = 0,
__pad2 = 0, st_size = 11781, st_blksize = 4096, st_blocks = 32, st_atim
= {
tv_sec = 1189199340, tv_nsec = 0}, st_mtim = {tv_sec = 1189199328,
tv_nsec = 0}, st_ctim = {tv_sec = 1189199328, tv_nsec = 0},
st_ino = 36308349}
op = -1
commandlinei = 0
path = "/etc/argus.conf\000argus", '\0' <repeats 8170 times>
(gdb) up
#1 0x0804ff55 in ArgusNewFlow (model=0x8fab008, flow=0x8fab3a8,
hstruct=0x8fab310, queue=0x8fab380) at ArgusModeler.c:1469
1469 bcopy ((char *)&flow->flow_un, (char
*)&retn->canon.flow.flow_un, (flow->hdr.argus_dsrvl8.len - 1) * 4);
(gdb) print (char *)&flow->flow_un
$1 = 0x8fab3ac ""
(gdb) print (char *)&retn->canon.flow.flow_un
$3 = 0x92815b4 ""
(gdb) print flow->hdr.argus_dsrvl8.len
There is no member named argus_dsrvl8.
Hrmm.
-Mike
On Fri, 7 Sep 2007 at 17:04, Carter Bullard wrote:
|I think I found something that could be the cause of your problem,
|although its a medium shot (as opposed to a long shot ;o)
|
|I'll have a new argus and clients up on the server, and it could fix
|Michael's problem as well, only because there are multiple changes
|in this update.
|
|So for Peter, I have a few more checks, and we shouldn't die if we
|have your problem, now (should not die). For Michael, I put in some
|checks for zero length hash structs, and we should survive them
|much better.
|
|Carter
|
|On Sep 7, 2007, at 2:20 PM, Peter Van Epp wrote:
|
|> On Fri, Sep 07, 2007 at 12:36:38PM -0400, Carter Bullard wrote:
|> > Hey Peter,
|> > Well that is good news!!!
|> >
|> > So there is another update, to support ARP functions for IP over
|> > Inifiniband and
|> > ATM, which is a pretty big change, as the physical addresses (mac
|> > addresses)
|> > can be rather large (physical address for infiniband is what 32 bytes
|> > long.
|> > So the flow model for ARP had to change to accommodate that.
|> >
|> > I'll put it and new matching clients up later today, or on Sunday,
|> > depending on
|> > how far I get on documentation, etc...., If someone is interested
|> > in monitoring
|> > IP over infinifband on there OpenIB adapter this weekend, yell and
|> > I'll put it up
|> > sooner.
|> >
|> > Carter
|>
|> Unfortunatly it didn't hold (must be traffic of some kind). It looks
|> like the problem is that retn->dsrs[i] is NULL which makes copying in to
|> it difficult :-).
|>
|> test4:/var/log/argus vanepp$ ra3 -r
|> /archive/argus3/com_argus.archive/2007/09/07/com_argus.2007.09.07.09.00.00.0.gz
|> -n >t
|> ra3(10073,0xa000ed88) malloc: *** vm_allocate(size=8421376) failed (error
|> code=3)
|> ra3(10073,0xa000ed88) malloc: *** error: can't allocate region
|> ra3(10073,0xa000ed88) malloc: *** set a breakpoint in szone_error to debug
|> Bus error (core dumped)
|> test4:/var/log/argus vanepp$ ls /cores
|> core.10073 core.5848
|> test4:/var/log/argus vanepp$ ls -l /cores
|> total 8574696
|> -r-------- 1 vanepp admin 2191327232 Sep 7 11:15 core.10073
|> -r-------- 1 vanepp admin 2198917120 Sep 6 19:03 core.5848
|> test4:/var/log/argus vanepp$ gdb ra3 /cores/core.10073
|> GNU gdb 6.3.50-20050815 (Apple version gdb-563) (Wed Jul 19 05:17:43 GMT
|> 2006)
|> Copyright 2004 Free Software Foundation, Inc.
|> GDB is free software, covered by the GNU General Public License, and you are
|> welcome to change it and/or distribute copies of it under certain conditions.
|> Type "show copying" to see the conditions.
|> There is absolutely no warranty for GDB. Type "show warranty" for details.
|> This GDB was configured as "powerpc-apple-darwin"...Reading symbols for
|> shared libraries .. done
|>
|> Core was generated by `/usr/local/bin/ra3'.
|> #0 0xffff8a74 in ___memcpy () at
|> /System/Library/Frameworks/System.framework/PrivateHeaders/ppc/cpu_capabilities.h:189
|> 189
|> /System/Library/Frameworks/System.framework/PrivateHeaders/ppc/cpu_capabilities.h:
|> No such file or directory.
|> in
|> /System/Library/Frameworks/System.framework/PrivateHeaders/ppc/cpu_capabilities.h
|> (gdb) where
|> #0 0xffff8a74 in ___memcpy () at
|> /System/Library/Frameworks/System.framework/PrivateHeaders/ppc/cpu_capabilities.h:189
|> #1 0x0005c804 in ArgusCopyRecordStruct (rec=0x405234) at
|> ./argus_client.c:3359
|> #2 0x0000979c in RaScheduleRecord (parser=0x288000, argus=0x405234) at
|> ./argus_util.c:840
|> #3 0x00009c2c in ArgusHandleDatum (parser=0x288000, input=0x405000,
|> ptr=0x632bc4, filter=0x299f40) at ./argus_util.c:919
|> #4 0x00056e34 in ArgusReadStreamSocket (parser=0x288000, input=0x405000) at
|> ./argus_client.c:1638
|> #5 0x0005713c in ArgusReadFileStream (parser=0x288000, input=0x405000) at
|> ./argus_client.c:1700
|> #6 0x00003b44 in main (argc=4, argv=0xbffffc18) at ./argus_main.c:238
|> (gdb) up
|> #1 0x0005c804 in ArgusCopyRecordStruct (rec=0x405234) at
|> ./argus_client.c:3359
|> 3359 bcopy (rec->dsrs[i], retn->dsrs[i], size +
|> 8);
|> (gdb) print rec->dsrs[i]
|> $1 = (struct ArgusDSRHeader *) 0x45550c
|> (gdb) print *rec->dsrs[i]
|> $2 = {
|> type = 80 'P',
|> subtype = 160 '?',
|> dsr_un = {
|> fl = {
|> data = 130
|> },
|> vl8 = {
|> qual = 0 '\0',
|> len = 130 '?'
|> },
|> vl16 = {
|> len = 130
|> }
|> }
|> }
|> (gdb) print retn->dsrs[i]
|> $3 = (struct ArgusDSRHeader *) 0x0
|> (gdb) print *retn->dsrs[i]
|> $4 = {
|> type = 0 '\0',
|> subtype = 0 '\0',
|> dsr_un = {
|> fl = {
|> data = 0
|> },
|> vl8 = {
|> qual = 0 '\0',
|> len = 0 '\0'
|> },
|> vl16 = {
|> len = 0
|> }
|> }
|> }
|> (gdb) print *user
|> $5 = {
|> hdr = {
|> type = 80 'P',
|> subtype = 160 '?',
|> dsr_un = {
|> fl = {
|> data = 130
|> },
|> vl8 = {
|> qual = 0 '\0',
|> len = 130 '?'
|> },
|> vl16 = {
|> len = 130
|> }
|> }
|> },
|> size = 512,
|> count = 512,
|> array = "=en-us\">"
|> }
|> (gdb) print i
|> $6 = 12
|>
|> Peter Van Epp / Operations and Technical Support
|> Simon Fraser University, Burnaby, B.C. Canada
|>
|
More information about the argus
mailing list